package com.toolmanrln.security.config;


/**
 * 对SpringSecurity的配置的扩展，支持自定义白名单资源路径和查询用户逻辑
 * Created by macro on 2019/11/5.
 */
public class SecurityConfig{}
//@EnableConfigurationProperties(IgnoreUrlsProperties.class)
//public class SecurityConfig extends WebSecurityConfigurerAdapter {
//
//    @Autowired(required = false)
//    private DynamicSecurityService dynamicSecurityService;
//
//    @Autowired
//    private IgnoreUrlsProperties ignoreUrlsProperties;
//
//    @Override
//    protected void configure(HttpSecurity httpSecurity) throws Exception {
//        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = httpSecurity
//                .authorizeRequests();
//        //不需要保护的资源路径允许访问
//        for (String url : ignoreUrlsProperties.getUrls()) {
//            registry.antMatchers(url).permitAll();
//        }
//        //允许跨域请求的GET请求
//        registry.antMatchers(HttpMethod.GET)
//                .permitAll();
//        // 任何请求需要身份认证
//        registry.and()
//            .authorizeRequests()
//                .anyRequest()
//                .authenticated()
//                .and()
//            // 关闭跨站请求防护及不使用session
//            .csrf()
//                .disable()
//                .sessionManagement()
//                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
//                .and()
//            // 自定义权限拒绝处理类
//            .exceptionHandling()
//                .accessDeniedHandler(restfulAccessDeniedHandler())
//                .authenticationEntryPoint(restAuthenticationEntryPoint())
//                .and()
//            // 自定义权限拦截器JWT过滤器
//            .addFilterBefore(jwtAuthenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
//        //有动态权限配置时添加动态权限校验过滤器
//        if (dynamicSecurityService != null) {
//            registry.and().addFilterBefore(dynamicSecurityFilter(), FilterSecurityInterceptor.class);
//        }
//    }
//
//    @Override
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        auth.userDetailsService(userDetailsService())
//                .passwordEncoder(passwordEncoder());
//    }
//
//    @Bean
//    public PasswordEncoder passwordEncoder() {
//        return new BCryptPasswordEncoder();
//    }
//
//    @Bean
//    public JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter() {
//        return new JwtAuthenticationTokenFilter();
//    }
//
//    @Bean
//    @Override
//    public AuthenticationManager authenticationManagerBean() throws Exception {
//        return super.authenticationManagerBean();
//    }
//
//    @Bean
//    public RestfulAccessDeniedHandler restfulAccessDeniedHandler() {
//        return new RestfulAccessDeniedHandler();
//    }
//
//    @Bean
//    public RestAuthenticationEntryPoint restAuthenticationEntryPoint() {
//        return new RestAuthenticationEntryPoint();
//    }
//
//
//    @Bean
//    public JwtTokenUtil jwtTokenUtil() {
//        return new JwtTokenUtil();
//    }
//
//    @ConditionalOnBean(name = "dynamicSecurityService")
//    @Bean
//    public DynamicAccessDecisionManager dynamicAccessDecisionManager() {
//        return new DynamicAccessDecisionManager();
//    }
//
//
//    @ConditionalOnBean(name = "dynamicSecurityService")
//    @Bean
//    public DynamicSecurityFilter dynamicSecurityFilter() {
//        return new DynamicSecurityFilter();
//    }
//
//    @ConditionalOnBean(name = "dynamicSecurityService")
//    @Bean
//    public DynamicSecurityMetadataSource dynamicSecurityMetadataSource() {
//        return new DynamicSecurityMetadataSource();
//    }
//
//    @Bean
//    VerifyCodeAuthenticationProvider myAuthenticationProvider() {
//        VerifyCodeAuthenticationProvider provider = new VerifyCodeAuthenticationProvider();
//        provider.setPasswordEncoder(passwordEncoder());
//        provider.setUserDetailsService(userDetailsService());
//        return provider;
//    }
//
//    @Override
//    @Bean
//    protected AuthenticationManager authenticationManager() throws Exception {
//        ProviderManager manager = new ProviderManager(Arrays.asList(myAuthenticationProvider()));
//        return manager;
//    }
//}
